Priorities of Latvian Data State Inspectorate


published on 13 December 2019 | Reading time approx. 1 minute


The Data State Inspectorate (hereinafter – DSI), the Latvian national supervisory authority responsible for the protection of personal data, has announced its priorities for the year 2019 and henceforth.



Since May 25, 2018, the provisions of the General Data Protection Regulation (GDPR) are applicable. As the main goals of GDPR were to achieve a stricter and more coordinated legal framework for the protection of personal data as well as free movement (transfer) of such data, GDPR imposes several obligations to everybody that collects or carries out any other actions with personal data in order to guarantee uninterrupted compliance with the provisions therein whenever personal data is being processing.

Considering that among the main goals of the DSI is the protection of the fundamental rights to privacy and data protection as well as ensuring that personal data is processed in compliance with GDPR, in order to improve the effectiveness of personal data protection and to ensure uniform approach when exercising its supervisory functions, the DSI has publicly announced that its main priorities as a supervisory authority are:

  • video surveillance;
  • monitoring the performance of data controllers with regard to their duties and obligations towards data subjects;
  • ensuring the observation of warnings and implementation of recommendations and orders of the DSI.

Since video surveillance is recognized as one of the most substantial data processing activities that has a considerable impact on data subjects, data processing by means of video surveillance is subject to several very strict requirements. Such requirements include, but are not limited to:

  • the obligation to assess whether video surveil-lance is justified (legitimate) and necessary;
  • evaluation of the purposes of video surve-illance;
  • assessment on the placement of video cameras;
  • proper placement of warning signs, provision of information to data subjects;
  • obligation to define the tools and technical equipment used for proper processing of personal data;
  • the obligation to comply with the requirements for safe storage of personal data and the access thereto.

It should also be noted that, according to the current data protection legal framework, not only the data controller, but also the data processor carrying out the processing of personal data in accordance with the instructions of the data controller, shall be responsible for compli-ance with the requirements listed above.

Taking all of the aforementioned into account, proper attention must be brought to the implementation of all necessary internal proce-dures and policies in order to ensure compliance with the legal obligations applicable to the processing and protection of personal data protection, as the priorities of the DSI include, inter alia, preventive actions, i.e., issuing warnings and imposing fines for breaches of laws regulating data protection.

Another important aspect that both controllers and processors should take into account is that having proper internal procedures for personal data processing in place not only protects the accountability of a company and its management, but also gives control over data processing and serves as an effective instrument for cooperation with supervisory authorities, as well as ensures being able to immediately respond to incidents, all of which taken together improves the reputation of a company.

 From the Newsletter


Contact Person Picture

​Kristīne Zvejniece


+371 67 3381 25
+371 67 3381 26

Send inquiry

 How we can help you

 Read more

We use cookies to personalise the website and offer you the greatest added value. They are, among other purposes, used to analyse visitor usage in order to improve the website for you. By using this website, you agree to their use. Further information can be found in our data privacy statement.
Deutschland Weltweit Search Menu